[Dshield] Unknown.level3.net:80 attempted to attack my husband's pc

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Thu Aug 29 20:31:59 GMT 2002


list-admin at dshield.org scribbled on
Thursday, August 29, 2002 5:46 PM:

linlu (aka L. R.), Samantha, John B. C. (aka ALEPH0), Ed T. (aka etee),
John D., et al.

Please accept warm appreciation and welcome to pragmatic and factual
posts on this issue.

Quoting John D. at first-

<snip>
"As far as cryptography goes even pgp can't surpass what I've seen in
past posts here i.e.: HW FW, etc."
<snip>

Agree.

At first thought that "PFW" stood for "Physical Firewall" as opposed to
"Software [Implemented] Firewall". - Soon understood it was rather
"Personal Firewall". Having a Hardware Implemented Firewall of one's own,
is that not a "Personal Firewall" as well? Is not any Firewall both
Software and Hardware Implemented? In my opinion expressions "Software
[implemented] Firewall" and "Hardware [implemented] Firewall" are good in
the sense that they describe what the implementation emphasizes.
Software and Hardware are common impressions. So is "personal" but its
meaning seems to vary.

Started using abbreviations [especially in responses, if already in use
in original post] finding them so commonly used in posts by respected,
established members of this community.


Quoting John B. C.:

<snip>
> 
> Unless people understand how to interpret the data and reports from
> firewalls, network monitors, and other security applications, a lot of
> unnecessary panic is going to happen.  But it is always better to run
> a red flag up the pole because you see something that might be a
> problem than the opposite.
> 
<snip>

Agree.

Could perhaps the following also have to do with the phenomenon?

1) Lessons taught by, e.g. so-called [general] experts
2) Expressing opinions (having a tendency to lead to discussions of type
"my opinion is stronger than yours")
3) Proscribing software implemented firewalls as-
a) "Snake Oil", or
b) "No good solutions, because home/end users are [in their opinion(s)]
idiots" -- however, with no match to the degree of idiotism a certain S.
G. represents [in their mind],
c) "Consumer products - consume them",
d) But are "consumer products" an answer in protecting the "Average"
user from Internet threats:
e) Then supposing a scenario with [in order to support one's own opinion]
convenient line(s) of questions [and kindly providing answers]: "No, no,
no, and no."
f) "Open box", which admittedly proved to be more like [at maximum]
"half-open" = not protecting uneducated user from threats within the box
attempting out
g) How did the threat find its way in if the box is admittedly closed in
this other direction *)
h) Striving to keep the enemy out and kill within if necessary,
therefore this last type of threat is apparently more common in systems
personally less familiar with
j) Could it be that users of those less familiar systems deal with this
type of threat more frequently?
k) The enemy is so to say within.
m) + personalize the matter rather than tending to deal with factual
matters.

4) Since in this specific case a few products were presented by name,
could someone qualified please summarize which of the products misled
the user?
5) Which of the products provided the information (a good candidate for
False Alarm) and maybe even scared the hell out of the user, with the
previously mentioned factors possibly adding momentum to the experience?
Moreover, how user-friendly is that product?
6) Additionally, which of the products mentioned did not false alarm?
7) Did not confuse the user with "cryptic prompt(s)"?
8) Because the phenomenon which "So in other words it got past" this
product. (Please read phenomenon as "Authenticated response to
Authorized traffic".)
9) Which of the products handled the situation correctly in the sense:
"You get delivered what you order"
10) and did not bother user with BAU type of things.

Analysing this special case [and possibly other real cases] might bring
light on the dilemma of how to protect oneself against the various
Internet related threats.

- Peter

                "Don't find fault, find a remedy."
          Henry Ford (1863-1947); US auto manufacturer.


PS. (*) e.g. using social engineering

[How does a hardware-implemented firewall protect better than a
software-implemented firewall from this type of threat?]




